New permission system launches with custom roles, providing teams with fine-grained access control to everything in LaunchDarkly.
We’re happy to announce the beta launch of Custom Roles! You will now be able to customize permissions for each of your team members. This system enhances LaunchDarkly’s basic permission system by providing comprehensive and fine-grained access control for our enterprise customers.
One of the most common requests for us at LaunchDarkly has been the ability to lock down access to feature flags in production. Over time, though, we started hearing other needs:
- “My ops team should be able to access infrastructure flags, but my product managers need to manage experiments”
- “My QA team should have full control over my test environments, but they don’t need to create feature flags”
We realized that we needed to build an access control system flexible enough to work with a team’s desired workflow, but simple to administer and use. That’s why we built a new custom roles feature, inspired by IAM, Amazon’s enterprise-grade access policy engine.
The Power of Custom Roles
- Lock your production environment down to a small set of trusted users
- Distinguish infrastructure-level feature flags (controlled by your DevOps team) from experiments (controlled by product management or marketing)
- Allow QA members to control feature flags on designated QA environments only
- Basic Permission System
- Global access control levels for team members based on a set of built-in roles
- Only supports Reader, Writer, Admin, and Owner
- Enterprise Permission System with Custom Roles (NEW)
- Inspired by AWS Identity and Access Management (IAM)
- Create custom policies for fine-grained control over everything in LaunchDarkly — from feature flags to goals, environments, and teams
- Create unlimited custom roles for complete access control
- Assign one or more custom roles to each team member, or use any of the features in the basic permissions system
- Available only for enterprise customers (Contact firstname.lastname@example.org to learn more)
How It Works
– Your teammates can now have both basic and custom roles. In this example, “Sasha Baker” has the roles “QA Team” and “Restricted”.
– Click on any teammate to manage his or her roles. In this example, “Sasha Baker” has been assigned the custom roles “QA Team” and “Restricted”. You have the option of assigning global roles (Reader, Writer, Admin) or custom roles (Ops Team, QA Team, Restricted + any other roles you create).
– Click the “Roles” tab to view your custom roles or create new ones. You may create as many roles as you like.
– Add a custom policy to your role. See our documentation for details.
- Custom roles is in beta and only available to enterprise customers. If you’re interested in access to the beta, contact us at email@example.com
- Our documentation provides detailed instructions on implementing custom roles for your team